Fake bank Web site scam reaches U.S.

By David Legard, IDG News Service

May 14, 2003 12:00 PM ET

Recommended

(6)

Digg

Twitter

Share/Email

IDG News Service - Bank of America Corp. has warned its customers to be aware of a scam that attempts to get them to log into a fake Web site that then captures their personal financial details.
The scam was attempted recently via e-mail and is similar to ones recently perpetrated in Australia on Commonwealth Bank, Westpac Bank, and Australia and New Zealand (ANZ) Bank.
The fraud works by sending a spoof e-mail to bank customers asking them to click on a link to a fake site resembling the real bank site, where customers are asked for their account name and password. Fewer than 75 customer accounts were compromised in the latest scam; the bank has helped those customers change their passwords and protect their accounts. The fraudulent site was shut down within 13 hours, and details about the e-mail distribution and its source are under investigation, Bank of America said.
Bank of America urged its customers to take precautions when making transactions online, including the following:

Review a Web site's URL to check its legitimacy, seeing whether the spelling is correct or appears suspicious.

Be careful before providing personal information, Social Security numbers, and account or credit card information over the telephone, in person or on the Internet.

Notify the bank of suspicious phone or e-mail inquiries, such as those asking for account information to verify a statement or award prizes.

The Australian scams also failed to cause any serious damage, with only 50 customers at ANZ needing their accounts set up again.
A wider form of online bank fraud proliferating worldwide is "419," or advance-fee scams, which are perpetrated by Nigerian gangs who have set up several dozen fake bank Web sites that have no relation to any actual bank. In this scam, the gangs use e-mail to try to persuade victims to help them make multimillion-dollar transfers out of Nigeria in return for a percentage of the money (see story).
Victims are encouraged to set up an online bank account with the fake bank, where the money duly appears. The victim is then asked to pay the fraudsters some fake charges or taxes by another method such as Western Union, at which point their account at the fake bank disappears.
These fake bank sites are operated freely in Amsterdam, giving the fake bank credibility it wouldn't have if it were based in Nigeria, according to a group that monitors these frauds. "When the crime crosses borders, the police of other nations [apart from Nigeria] have a chance to get involved. But anecdotal evidence suggeststhat this is rare," the Chaos Project antifraud group wrote in an advisory. "The authorities in some countries place a fiscal limit on getting involved -- you have to have lost quite a lot of money before they will bother investigating."
The antifraud Web site Scamorama and other security organizations have compiled lists of over 50 fake banks set up and used by the Nigerian 419 fraudsters. A partial list is available online.

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Jump to comments

Cybercrime/Hacking

Additional Resources

WHITE PAPER

EFD vs. HDD - What You Need to Know

Enterprise flash drives provide a new Tier 0 storage layer capable of delivering high I/O performance at a very low latency. Proper use of EFDs in an Oracle environment can deliver increased performance compared to fibre channel drives. Read the recommendations for identification of the best DB components for EFDs.

WHITE PAPER

Gartner Research Report: Magic Quadrant for Application Delivery Controllers, 2009

The market for products to improve the delivery of application software over networks remains dynamic and innovative. Vendors focused on solving enterprises' most-pressing application problems have become the top players.

WHITE PAPER

Eight Criteria for Server Load Balancing

Server load balancers are a simple yet highly effective means to scale an application environment while ensuring its availability. Today's solutions should also address application performance and security. Read about the top eight criteria you should consider when choosing a server load balancer and how Citrix NetScaler meets those requirements.

White Papers & Webcasts

The Tangled Web: Silent Threats & Invisible Enemies
Download Now

Data in Action: Making the Planet Smarter
Register Now

Email Archiving: A Business-Critical Application
Get this paper now!

Hosted Security Services: Why it make budget and security sense in today's economy
Watch Now

Gene Kim's Practical Steps to Achieve and Maintain NERC Compliance
Learn seven steps operators can take to meet IT configuration requirements set forth in the NERC-CIP standards.

The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.

Not Just Words: Enforce Your Email and Web Acceptable Usage Policies
Get this paper now!

Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!

The New World of eCrime: Targeted Brand Attacks and How to Combat Them
Download This Whitepaper Now!

Manager Experience Demo
Go beyond self-service solutions to perform more effectively. Watch Now.

All White Papers | All Webcasts